EvilGrab and Targeted Attacks/APTs in 2Q 2013
Published Oct 2, 2013
Today we’re releasing the first of a new, regular, quarterly report on targeted attacks (some of which are also connected to Advanced Persistent Threat (APT) campaigns). Each quarter, this report will detail trends we’ve observed as well as go in-depth on one particular APT campaign. This first report focuses on the second quarter of 2013 and goes in-depth on a new campaign we’ve identified and are calling “EvilGrab” that targets security software and uses a system’s audio and visual components to capture information and eavesdrop.
We’re also releasing two new papers to help you understand how targeted attacks unfold and how to protect against them. “Data Exfiltration: How Do Threat Actors Steal Your Data?” is another paper in our series to help you understand the different stages of a targeted attack. And “Suggestions to Help Companies with the Fight against Targeted Attacks” gives you industry best practices to help you be better protected against these kinds of threats.
The EvilGrab campaign shows why the kind of broad approach to defense that we outline in “Suggestions to Help Companies with the Fight against Targeted Attacks” is necessary. A key characteristic of this campaign is the targeting of specific security products by the EvilGrab malware. This increasingly common tactic shows that attackers are learning about the security infrastructure of a target as a regular part of their information gathering phase. We also saw this tactic in the recent New York Times attack.
In “Data Exfiltration: How Do Threat Actors Steal Your Data?” we outline common techniques attackers use to capture and move data. One very interesting technique outlined there that we see with EvilGrab is its use of audio and video to capture data. EvilGrab will use video capture software to steal information off an infected system’s screen. It will also use an attached microphone as a covert listening device.
Targeted attacks are an important area of focus for us. This report is the latest in our ongoing research into such attacks, like the work we did on IXESHE in 2012. Our focus also includes providing information to help protect against targeted attacks. A good example is our guidance for ICS/SCADA environments. Here again, we’re looking to build on and continue that focus, not just on product solutions but on actionable best practices.
Posted by
VMD - [Virtual Marketing Department]